(19) 



EuropSlsches Patentamt 
European Patent Office 
Office europeen des brev ts 



(12) 



(n) EP 1 156 697 A1 

EUROPEAN PATENT APPLICATION 



(43) Date of publication: 

21 .11 .2001 Bu lletln 2001 /47 

(21) Application number 01111566.4 

(22) Date of filing: 11.05.2001 



(51) int ci7: H04Q 7/38, G07C 9/00, 
G06F1/00 



(84) Designated Contracting States: 


(72) Inventors: 


AT BE CH CY DE DK ES Fl FR GB GR IE IT LI LU 


• Yamazakl, Shunpel 


MC NL PT SE TR 


Atsugi-shi, Kanagawa-ken 243-0036 (JP) 


Designated Extension States: 


• Koyama, Jun 


ALLTLVMKRO SI 


Atsugl-shI, Kanagawa-ken 243-0036 (JP) 


(30) Priority: 11.05.2000 JP 2000138095 


(74) Representative: GrOnecker, Kinkeldey, 


(71) Applicant: SEMICONDUCTOR ENERGY 


Stockmair & Schwanhausser Anwaitssozietat 


Maximilianstrasse 58 


LABORATORY CO., LTD. 


80538 Munchen (DE) 


Atsugi-shi Kanagawa-ken 243-0036 (JP) 



o> 

CD 

in 



(54) Biometrical authentication In a communication system 

(57) A communication system capable of easily dis- 
tinguishing a user includes means for storing reference 
living body information, means for reading collation liv- 
ing body information of the user, means for collating the 
collation living body information with the reference living 
body information and means for sending a notice of co- 
incidence as data to a mating party when the collation 
result proves coincident. 
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Description 

BACKGROUND OF THE INVENTION 

1 . Field of the Invention 5 

[0001] This invention relates to a communication sys- 
tem. More particularly, this invention relates to a com- 
munication system for executing authentication (identi- 
fying) by using living body information (biological infor- 10 
mation). 

2. Description of the Related Art 

[0002] A communication technology that connects an is 
authentication (identification) apparatus such as a cel- 
lular telephone, a personal computer, a portable infor- 
mation terminal, or the like, through the Internet has 
made a remarkable progress in recent years. For Inter- 
net connection in business concerns and homes, it is 20 
customary to connect a fixed type personal computer to 
a telephone line. Particularly recently, various informa- 
tion exchanges have become possible as a cellular tel- 
ephone system such as so-called i-mode capable of be- 
ing connected easily to the Internet has become wide 25 
spread. 

[0003] Mail-order business and stock trade using a 
communication network such as the Internet has drawn 
an increasing attention nowadays because of its con- 
venience that transactions can be made at one's home, so 
When making a deal with a mating party by using an 
authentication apparatus, however, authentication as to 
whether or not a communicating party is an authentic 
party is practically difficult. Therefore, there is the pos- 
sibility that the third party other than the authentic per- 35 
son communicates as the userwith the mating party un- 
der the disguise of the authentic person. 
[0004] Under these circumstances, it has been de- 
sired to further improve reliability of authentication that 
the user is the authentic person. 40 
[0005] Fig. 14 shows a flow of a conventional authen- 
tication processing. First, the user uses an authentica- 
tion apparatus such as a cellular telephone and con- 
nects it to the Internet. The user then transmits a pass- 
word such as password number as data for authentica- *s 
tion to the mating party under a designated condition. 
Receiving the password for authentication as the data, 
the mating party collates a password of the authentic 
person registered thereto in advance with the password 
sent from the user and confirms whether or not they are so 
coincident. The user is authenticated as the authentic 
person when the passwords coincide and is not authen- 
ticated, when they do not. 

[0006] After collation is completed, the mating party 
sends a collation end signal representative of authenti- ss 
cation approval/rejection as information as data to the 
user. When the user is not authenticated as the authen- 
tic person, the user again transmits the password as the 
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data to the mating party. When the user is authenticated, 
the authentication operation is finished at the point when 
the user receives the collation end signal, and commu- 
nication is then started. 

[0007] Incidentally, the term Communication used 
herein means transmission/reception of the intended in- 
formation that is executed after the authentication oper- 
ation is completed. 

[0008] As described above, the conventional aiithen-. 
tication operation confirms whether or not the user is the 
authentic person by collating the number the user trans- 
mits to the mating party with the password of the au- 
thentic person registered in advance to the mating party 
in order to prevent the third party other than the authen- 
tic person from communicating as the userwith the mat- 
ing party under the disguise of the authentic person. 
[0009] The communication system using the conven- 
tional authentication apparatus is not free from the fol- 
lowing problems. 

[001 0] The possibility of the leak of the password to 
the third party cannot be denied. When the password 
leaks to the third party, the conventional authentication 
operation cannot confirm whether or not the user is the 
authentic person. 

[001 1 ] In addition, it is afraid that the authentic person 
forgets the password. In such the case, the authentic 
person must ask the mating party, or often re-write the 
password. Thus, it should be very troublesome. 
[0012] In the conventional authentication operation, 
the user must transmit the password as the data to the 
mating party, and must receive the collation end signal 
from the mating party. When the user sends a wrong 
password to the mating party, the user must again send 
the correct password to the mating party. In other words, 
transmission/reception of the data must be carried out 
at least twice between the mating party and the user. 
[0013] When the number of times of data transmis- 
sion/reception between the user and the mating party, 
the cost necessary for authentication increases. When 
the number of times of data transmission/reception is 
great, the possibility is high that a line between the user 
and the mating party is cut off during data transmission/ 
reception for some reason or other. When the line is cut 
off during data transmission/reception, it becomes nec- 
essary to start once again the authentication operation 
from the beginning and this is troublesome and compli- 
cated. 

SUMMARY OF THE INVENTION 

[0014] The present invention is directed to solve the 
problems described above. 

[0015] In the present invention, the authentication 
(identification) operation is executed on only the user 
side, and the notice of the finish of authentication is 
transmitted as data to the mating party. Confirmation 
(authentication) as to whether or not the user is the au- 
thentic person is made as living body information (bio- 
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logical information) of the user (collation living body in- 
formation) is collated with living body information of the 
authentic person (reference living body information). 
[0016] In the present specification, the term living 
body information (biological information) means bodily 
features naturally inherent to a person and also infor- 
mation that enables a person to be individually distin- 
guished. Typical living body information includes the fin- 
gerprint, the palm print and voiceprint, but the present 
invention is not particularly limited to them, in other 
words, the present invention can use those bodily fea- 
tures that are naturally inherent to a person and enables 
the person to be individually distinguished, for the au- 
thentication operation as the living body information. 
[0017] When the living body information of the user 
does not coincide with that of the authentic person as a 
result of collation, the user again executes collation of 
the Irving body information between the user and the au- 
thentic person. When the living body information of the 
user coincides with that of the authentic person, the user 
transmits a notice of the finish of authentication to the 
mating party as the data and finishes the authentication 
operation. 

[001 8] Afterthe authentication operation is completed 
and the mating party confirms the user as the authentic 
person, the intended communication is started with the 
mating party. 

[0019] When the living body information of the user 
does not coincide with the living body information of the 
authentic person in the authentication operation de- 
scribed above, the living body information of the user 
can be again collated with the living body information of 
the authentic person. When collation is continuously 
carried out at least n times (n: natural number) and yet 
does not prove coincident, the notice may be given au- 
tomatically to the mating party to the effect that the col- 
lation result is not coincident. 

[0020] A plurality of living body information of the au- 
thentic person (reference living body information) may 
exist. For example, the authentication operation can be 
executed by using both fingerprint and voiceprint. A plu- 
rality of fingerprints can be used as the living body in- 
formation of the authentic person (reference Irving body 
information) . 

[0021] A plurality of living body information of the user 
(collation living body information) can be used, too. A 
plurality of living body information of the same kind or a 
plurality of living body information of different kinds can 
be used, as well. 

[0022] When the reference living body Information is 
re-written, it is necessary to submit any proof evidencing 
the authentic person to the mating party. Alternatively; 
the following method may be employed. The authenti- 
cation operation is executed once and a password nec- 
essary for re-writing the reference living body informa- 
tion is sent as data to the mating party. When this pass- 
word proves coincident on the mating party side, the ref- 
erence living body information is then re-written. 



[0023] The authentication operation described above 
is not always be limited to authentication between the 
user and the mating party. When a manager who man- 
ages communication between the user and the mating 

5 party exists, for example, communication between the 
user and the mating party may be started after the notice 
of the end of authentication that authenticates the user 
as the authentic person is sent to the manager. 
[0024] Incidentally, the term mating party or manager 

10 jn this specification means the party that manages the 
communication made between the user of the authenti- 
cation apparatus and the mating party. More concretely, 
the term includes also a provider. However, the mating 
party or the manager used herein is not particularly lim- 

15 ited thereto but may include the party that controls the 
communication made between the user and the mating 
party. 

[0025] When the manager managing the communica- 
tion between the user and the mating party exists, the 
20 notice may be automatically given to the manager to the 
effect that collation does not prove coincident even after 
it is made continuously more than n times (n: natural 
number). 

[0026] When the reference living body information Is . 

25 re-written in this case, it is necessary to submit any proof 
evidencing the user as the authentic person to the man- 
ager. The following method may be employed, too. After 
the authentication operation is conducted once, the 
password necessary for re-writing the living body infor- 

30 mation is sent as data to the manager. When the pass- 
words prove coincident on the manager side, the refer- 
ence living body information can then be re-written. 
[0027] Since the present invention executes the au- 
thentication operation by using the living body informa- 

35 tion as described above, the present invention can elim- 
inate. the possibility of leak of the password to the third 
party other than the authentic person. Therefore, the 
present invention can improve reliability by the authen- 
tication operation for authenticating the user as the au- 

40 thentic person. 

[0028] Because the number of times of the data ex- 
change operation between the user and the mating par- 
ty (or the manager) can be restricted during the authen- 
tication operation, the cost necessary for the data trans- 

45 mission/reception can be restricted. Even when the. 
communication is cut off for some reason or other, the 
present invention can avoid the troublesome operation 
of repeating again the authentication operation from the 
beginning. 

so [0029] Because the present invention executes the 
authentication operation by using the living body infor- 
mation of the user, the present invention can eliminate 
the necessity of the user to inquire of the mating party 
the password or to frequently re-write the password 

55 when the user forgets the password. 

[0030] The living body information generally has a 
greater data quantity than the password. However, be- 
cause the present invention need not send the living 
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body information of the authentic person or the user as 
the data to the mating party (or the manager), the length 
of the time necessary for transmitting/receiving the data 
to and from the mating party (or the manager) can be 
shortened and the cost can be restricted, too. 
[0031] In the present invention, the mating party (or 
the manager) need not store the reference living body 
information of all persons who execute the authentica- 
tion operation. Therefore, even though the information 
quantity of the living body information Is greater than the 
password, the load to the mating party (or the manager) 
does not become great. Because the reference living 
body information is stored on the individual basis, the 
number of the reference living body information (here, 
all the living body information of the same person is 
counted as 1) leaking to the third party when security is 
broken can be kept at a smaller value than when the 
reference living body information of all the persons who 
execute the authentication operation is stored in the 
mating party (or the manager). 

[0032] The construction of the present invention will 
be hereinafter illustrated. 

[0033] The present invention provides a communica- 
tion system for distinguishing a user, including means 
for storing reference living body information (biological 
information) means for reading collation living body in- 
formation of the user: means for collating the collation 
living body information with the reference living body in- 
formation; and means for sending a notice of coinci- 
dence as data to a mating party when the collation result 
proves coincident. 

[0034] The present invention provides a communica- 
tion system for distinguishing a user, including means 
for storing n reference living body information; means 
for reading n collation living body information of the user; 
means for collating the n collation living body informa- 
tion with the n reference living body information; and 
means for sending a notice of coincidence as data to a 
mating party when ail of the collation results prove co- 
incident. 

[0035] The present invention provides a communica- 
tion system for distinguishing a user, including means 
for storing n reference living body information; means 
for reading m collation living body information of the us- 
er; means for collating the m collation living body infor- 
mation with the n reference living body information; and 
means for sending a notice of coincidence as data to a 
mating party when at least one of the n reference living 
body information coincides with at least one of the m 
collation living body information. 
[0036] The present invention provides a communica- 
tion system for distinguishing a user, including means 
for storing a plurality of kinds of reference living body 
information; means for reading a plurality of kinds of col- 
lation living body information of the user; means for col- 
lating the plurality of collation living body information 
with the plurality of reference living body information; 
and means for sending a notice of coincidence as data 



to a mating party when the plurality of kinds of collation 
living body information wholly coincide with the plurality 
of kinds of reference living body information. 
[0037] The present invention provides a communica- 

5 tion system for distinguishing a user, including means 
for storing n reference living body information of a plu- 
rality of kinds; means for reading m collation living body 
information of a plurality of kinds of a user; means for 
collating the m collation living body information with the 

10 n reference living body information; and means forsend- 
ing a notice of coincidence as data to a mating party 
when at least one of each kind of collation living body 
Information among the plurality of kinds of collation living 
body information coincides with at least one of each kind 

15 of reference living body information among the n refer- 
ence living body information. 

[0038] The present invention provides a communica- 
tion system for distinguishing a user, including means 
for storing n reference living body information of a plu- 

20 rality of kinds; means for reading m collation living body 
information of a plurality of kinds of a user; means for 
collating the m collation living body information with the 
n reference living body information; and means for send- 
ing a notice of coincidence as data to a mating party 

25 when all of the plurality of kinds of collation living body 
information coincide with all of the n reference living 
body information. 

[0039] The present invention provides a communica- 
tion system for distinguishing a user, including means 
30 for storing reference living body information; means for 
reading collation living body information of the user; 
means for collating the collation living body information 
with the reference living body information; means for 
sending a notice of coincidence as data to a manager 
35 when the collation result proves coincident; wherein 
communication between the user and the mating party 
is started through the manager after the mating party 
receives the notice of coincidence as data. 
[0040] The present invention provides a communica- 
te tion system for distinguishing a user, including means 
for storing reference living body information; means for 
reading collation living body information of the user; 
means for collating the collation living body information 
with the reference living body information; means for 
45 sending a notice of coincidence as data to a manager 
when the collation result proves coincident; and means 
for causing the manager to send the notice of coinci- 
dence as data to a mating party; wherein communica- 
tion between the user and the mating party is started 
so through the manager afterthe mating party receives the 
notice of coincidence as data. 
[0041] The present invention provides a communica- 
tion system for distinguishing a user, including means 
for storing reference living body information; means for 
55 reading collation living body information of the user; 
means for collating the collation living body information 
with the reference living body information; means for 
sending a notice of coincidence as data to a manager 
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when the collation result proves coincident; and means 
for causing the manager to send the notice of coinci- 
dence as data to a mating party; wherein communica- 
tion between the user and the mating party Is directly 
started after the mating party receives the notice of co- s 
incidence as data. 

[0042] In the communication, system described 
above, identification of the user is requested onty when 
transactions are conducted between the user and the 
mating party and the condition set to the mating party is 10 
satisfied. 

[0043] The present invention provides a communica- 
tion system for distinguishing a user, including means 
for storing reference living body information; means for 
reading collation living body information of the user; 1$ 
means for collating the collation living body information 
with the reference living body information; and means 
for sending a notice of coincidence as data to a mating 
party when the collation result proves coincident; where- 
in a password is sent as data to the mating party after 20 
the notice of collation is sent to the mating party, and the 
- reference living body information is re-written when the 
password is authenticated as correct on the mating par- 
ty side. 

[0044] The present invention provides a communica- ^5 
tion system for distinguishing a user, including means 
for storing n reference living body information: means 
for reading n collation living body information of the user; 
means for collating the n collation living body informa- 
tion with the n reference living body information; and so 
means for sending a notice of coincidence as data to a 
mating party when the collation results wholly prove co- 
incident; wherein a password is sent as data to the mat- 
ing party after the notice of collation is sent to the mating 
party, and the n reference living body information is re- 35 
written when the password is authenticated as correct 
on the mating party side. 

[0045] The present invention provides a communica- 
tion system for distinguishing a user, including means 
for storing n reference living body information; means *o 
for reading m collation living body information of the us- 
er; means for collating the m collation living body infor- 
mation with the n reference living body information; and 
means for sending a notice of coincidence as data to a 
mating party when at least one of the n reference living 4 $ 
body information coincides with at least one of the m 
collation living body information; wherein a password is 
sent as data to the mating party after the notice of col- 
lation is sent to the mating party, and the n reference 
living body information is re-written when the password so 
is authenticated as correct on the mating party side. 
[0046] The present Invention provides a communica- 
tion system for distinguishing a user, including means 
for storing a plurality of kinds of reference living body 
information; means for reading a plurality of kinds of col- ss 
lation living body information of the user; means for col- 
lating the plurality of kinds of collation living body infor- 
mation with a plurality of kinds of the reference living 



body information; and means for sending a notice of co- 
incidence as data to a mating party when a plurality of 
kinds of the collation living body information wholly co- 
incide with a plurality of kinds of reference living body 
information; wherein a password is sent as data to the 
mating party after the notice of collation is sent to the 
mating party, and the a plurality of kinds of reference 
living body information is re-written when the password 
is authenticated as correct on the mating party side. 
[0047] The present invention provides a communica- 
tion system for distinguishing a user, including means 
for storing n reference living body information of a plu- 
rality of kinds; means for reading m collation living body 
information of a plurality of kinds of the user; means for 
collating the m collation living body information with the 
n reference living body information; and means for send- 
ing a notice of coincidence as data to a mating party 
when at least one of the collation living body information 
of each kind among the plurality of kinds coincides with 
at least one of n reference living body information of 
each kind; wherein a password is sent as data to the 
mating party after the notice of collation is sent to the 
mating party, and the plurality of kinds of the reference 
living body Information is re-written when the password 
is authenticated as correct on the mating party side. 
[0048] The present invention provides a communica- 
tion system for distinguishing a user, including means 
for storing n reference living body information of a plu- 
rality of kinds; means for reading m collation living body 
information of a plurality of kinds of the user; means for 
collating the m collation living body information with the 
n reference living body information; and means forsend- 
ing a notice of coincidence as data to a mating party 
when all of the plurality of kinds of collation living body 
information coincide with all of the n collation living body 
information; wherein a password is sent as data to the 
mating party after the notice of collation is sent to the 
mating party, and the plurality of kinds of reference living 
body information is re-written when the password is au- 
thenticated as correct on the mating party side. 
[0049] The present invention provides a communica- 
tion system for distinguishing a user, including means 
for storing reference living body information; means for 
reading collation living body information of the user; 
means for collating the collation living body information 
with the reference living body information; and means 
for sending a notice of coincidence as data to a manager 
when the collation result proves coincident; wherein a 
password is sent as data to the manager after the notice 
of collation is sent to the manager, and the reference 
living body information is re-written when the password 
is authenticated as correct by the manager. 
[0050] The reference living body information may be 
a fingerprint, a palm print or a voiceprint. 
[0051 ] The collation living body information may be a 
fingerprint, a palm print or a voiceprint. 
[0052] The palm print may be a palm print of the whole 
palm or palm print of a part of the palm of a hand. 
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[0053] The storing means may be a flash memory. 
[0054] The reading means may be a photodiode or a 
charge coupled device (CCD). 
[0055] The present invention can use a portable infor- 
mation terminal, a cellular telephone or a personal com- 
puter. 

BRIEF DESCRIPTION OF THE DRAWINGS 
[0056] 

Fig. 1 is a flowchart showing a processing flow of a 
communication system according to the present In- 
vention; 

Fig. 2 is a schematic view showing the position of a 
palm print or a fingerprint to be read of the present 
invention; 

Figs. 3A and 3B are relational diagrams of collation 
of living boy information of the present invention; 
Figs. 4A and 4B are relational diagrams of collation 
of living body information of the present Invention; 
Figs. 5A to 5D are flowcharts after authentication is 
completed of the present invention; 
Fig. 6 is a flowchart of a re-write operation for re- 
writing reference living body information of Embod- 
iment 1 ; 

Fig. 7 is a block diagram showing a construction of 
an authentication apparatus of Embodiment 2; 
Fig. 8 is a block diagram showing another construc- 
tion of an authentication apparatus of Embodiment 
3; 

Fig. 9 is an appearance view of a portable informa- 
tion terminal as an example of the authentication 
apparatus of Embodiment 4; 
Fig. 10 is a schematic view showing an example of 
the mode of use of the portable information terminal 
as an example of the authentication apparatus of 
Embodiment 4; 

Fig. 11 is a schematic view showing another exam- 
ple of the mode of use of the portable information 
terminal as an example of the authentication appa- 
ratus of Embodiment 4; 

Fig. 12 is a block diagram showing a construction 
of the portable information terminal as an example 
of the authentication apparatus of Embodiment 4; 
Figs. 1 3A and 1 3B are schematic views showing ex- 
amples of electronic apparatuses as examples of 
the authentication apparatus of Embodiment 6; and 
Rg. 1 4 is a flowchart showing the flow of an authen- 
tication processing according to the prior art. 

DESCRIPTION OF THE PREFERRED 
EMBODIMENTS 



[Embodiment Mode] 

[0057] Fig. 1 shows a flow of a communication system 
according to the present invention. When authentication 



is started, an apparatus for executing authentication 
(authentication apparatus) collects living body informa- 
tion of a user. The user controls the authentication ap- 
paratus to collect the living body Information. A program 
5 may be arranged in advance so that the user can start 
collecting the living body information by merely pushing 
one operation key. It is also possible to constitute the 
authentication apparatus so that it can automatically 
start collecting the living body information when its pow- 
10 er source is turned on. 

[0058] Collection of the living body information can be 
made by means of a line sensor or an area sensor using 
a CCD or a photo-diode, or a microphone. 
[0059] The authentication apparatus stores before- 
15 hand the living body information of a person (reference 
living body information). The reference living body infor- 
mation is stored in a built-in memory of the authentica- 
tion apparatus, such as a non-volatile memory. 
[0060] The living body information (collation living 
20 body information of the user) thus collected is collated 
with the personal living body information (reference liv- 
ing body information) stored in advance in the authen- 
tication apparatus. When the collation living body infor- 
mation coincides with the reference living body informa- 
25 tion, the user can be authenticated as the authentic per- 
son authorized to make the intended communication. 
[0061 ] When the collation result does not prove coin- 
cident, the authentication apparatus again collects the 
living body information of the user, and collates again 
30 the collation living body information so acquired with the 
reference living body information. 
: [0062] The user can arbitrarily set the number of times 
of repetition of collation of the living body information. 
For example, the user may set the upper limit number 
35 of times of repetition in one authentication operation to 
n (n: arbitrary natural number). When the collation result 
does not prove coincident even after the collation oper- 
ation is carried out continuously n times, the authenti- 
cation apparatus may raise an alarm. When the collation 
40 result does not prove coincident even after collation is 
repeated continuously n times, the failure of collation 
may be automatically notified to persons other than the 
user or to an apparatus other than the authentication 
apparatus. 

45 [0063] After authentication is completed, a signal hav- 
ing information representative of the finish of authenti- 
cation (authentication end signal) is transmitted to a 
mating party with which communication is to be made. 
Since authentication has already been finished in this 

so case, the exchange of the living body information need 
not be made newly with the mating party. In otherwords, 
it is only necessary for the mating party to receive the 
authentication end signal from the authentication appa- 
ratus. 

55 [0064] Authentication is finished when the mating par- 
ty receives the authentication end signal. After authen- 
tication is completed, the user and the mating party start 
the intended communication. The Intended communica- 
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tion is not limited to business communication for profit 
making such as transactions. This communication 
made between the user and the mating party can trans- 
mit ail kinds of intentions and information. 
[0065] The authentication apparatus in the present in- 
vention must essentially have the three functions of col- 
lecting the living body information of the user, collating 
the living body information and transmitting the authen- 
tication end signal. One authentication apparatus may 
have all of these functions, or a plurality of apparatuses 
may altogether attain these three functions. In the latter 
case, a plurality of apparatuses will be altogether re- 
ferred to as the authentication apparatus. 
[0066] Next, the fingerprint and the palm print will be 
explained among the living body information used in the 
communication system according to the present inven- 
tion. 

[0067] Fig. 2 depicts a right hand of a person. The liv- 
ing body information read by the authentication appara- 
tus includes the palm print 1 as a part of the palm of the 
hand, the pal print 2 as an entire of the palm, the finger- 
print of a thumb, the fingerprint of a forefinger, the fin- 
gerprint of a middle finger and the fingerprint of a ring 
finger or a little finger. It is also possible to use the palm 
print of the left hand, or the palm prints of both of right 
and left hands. 

[0068] The palm print 1 as a part of the palm of the 
hand, the palm print 2 as the whole palm of the hand, 
the fingerprint of the thumb, the fingerprint of the fore- 
finger, the fingerprint of the middle finger and the finger- 
prints of the ring and little fingers are inherent to an in- 
dividual. Therefore, the abuse of the authentication ap- 
paratus by the third party can be prevented. 
[0069] Only one kind, or a plurality of kinds, of the liv- 
ing information may be used for the communication sys- 
tem according to the present invention. A single or a plu- 
rality of living information of the same kind can be used, 
too. For example, a plurality of fingerprints of the same 
thumb can be use as a plurality of kinds of living body 
information. A plurality of living body information of dif- 
ferent kinds can be used. For example, a plurality of fin- 
gerprints of the same little finger and a voiceprint can 
be used in combination as the living body information. 
[0070] Next, explanation will be given concretely on 
the case where collation is conducted by using a plural- 
ity of living body information of the same kind. 
[0071] Figs. 3A and 3B are relational diagrams when 
a plurality of reference living body information is used to 
perform collation. Fig. 3A shows an example where au- 
thentication is given when all of four reference living 
body information (A1 , A2, A3 : A4) and four collation liv- 
ing body information (AV, A2\ A3', A4', coincide with 
one another. 

[0072] As shown in Fig. 3A, A1 and AV, B1 and B1\ 
C1 and CV, and D1 and D1\ are coincident, respective- 
ly. In this way, authentication is given only when a plu- 
rality of reference living body information and a plurality 
of collation living body information all coincide with one 



another. In consequence, reliability of authentication of 
the user as the authentic person can be improved. 
[0073] Incidentally, the number of reference living 
body information and collation living body Information is 
5 not limited to 4 but is arbitrary. 

[0074] Fig. 3B shows the case where authentication 
is given when any one of four reference living body in- 
formation (A1 , A2, A3, A4) coincides with any one of four 
collation living body information (A5\ A6', A7\ A8', A2 1 ). 
10 [0075] As shown in Fig. 3B.A2 and A2* coincide with 
each other, but A1 , A3, A4 and A5', A6\ A7\ do not, re- 
spectively. The number of times of collection of collation 
living body information can be restricted by giving au- 
thentication only when any one of a plurality of reference 
15 living body information and any one of a plurality of col- 
lation living body information coincide with each other. 
The authentication process becomes easier, too, in this 
case. 

[0076] Incidentally, the number of the reference living 
20 body information and collation living body information is 
not limited to 4 but Is arbitrary. Fig. 3B shows the case 
where authentication is given only when any one of a 
plurality of reference living body information coincides 
with any one of a plurality of collation living body infor- 
25 mation, but the number of coincidence is not limited to 
1 , but can be arbitrarily set by the operator. 
[0077] Figs. 4A and 4B show a relational diagrams of 
collation when using a plurality of kinds of reference liv- 
ing body information. Fig. 4A shows the case where au- 
30 thentication is given when two kinds of reference living 
body information (A1, A2, A3, B1, B2) coincide com- 
pletely with two kinds of collation living body information 
(A1\ A2\ A3', BV, B2'). In this way, authentication is giv- 
en only when a plurality of kinds of reference living body 
35 information wholly coincides with a plurality of kinds of 
collation living body information, and reliability of the us- 
er as the authentic person can be improved. 
[007B] As shown in Fig. 4A, A1 and AV, A2 and A2', 
A3 and A3', B1 and BV, and B2 and B2' coincide with 
40 one another, respectively. Reliability of authenticity of 
the user as the authentic person can be further improved 
by judging authenticity only when a plurality of kinds of 
reference living body coincide completely with a plurality 
of kinds of collation living body information. 
45 [0079] Incidentally, the number of kinds of both refer- 
ence living body information and collation living body in- 
formation is not limited to 2, but the number of kinds of 
living body information is arbitrary. The number of each 
kind of the reference living body information and the col- 
50 lation living body information is arbitrary, too. 

[0080] Fig. 4B shows the case where authentication 
is given when any one of three reference living body in- 
formation (A1 , A2, A3) coincides with any one of colla- 
tion living body information (A4\ A5\ A2*) and either one 
55 of two reference living body information (B1 , B2) coin- 
cides with either one of collation living body information 
(B3',BV). 

[0081 ] As shown in Fig. 4B. A2 coincides with A2' and 
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B1 coincides with B1 However, A1 , A3, B2 and A4\ A5\ 
B3' do not coincide with each other, respectively. In this 
way, reliability of authentication of the user as the au- 
thentic person can be improved by granting authentica- 
tion only when any one of the reference living body in- 
formation of each kind among a plurality of kinds of ref- 
erence living body Information used coincides with any 
one of the collation living body information. 
[0082] Incidentally, the number of kinds of.the refer- 
ence living body information and thecollation living body 
information is not limited to 2, and the number of kinds 
of living body information is arbitrary. The number of 
each kind of the reference living body information and 
the collation living body information is arbitrary, too. Fig. 
4B shows the case where authentication is given only 
when any one of the reference living body information 
coincides for each kind with any one of a plurality of col- 
lation living body information. However, the number of 
coincidence is not limited to 1 , and the user can arbitrar- 
ily set the number of coincidence for each kind of living 
body information. 

[0083] Next, the processing flow after authentication 
is completed in the authentication operation described 
above will be explained in further detail. 
[0084] Fig. 5A is a relational diagram when authenti- 
cation and communication are executed only between 
the user, and the mating party. After authentication is 
completed, the user side (more concretely, the authen- 
tication apparatus used by the user) transmits the au- 
thentication end signal. The user and the mating party 
then start the intended communication. 
[0085] Fig. 5B is a relational diagram when authenti- 
cation and communication are executed not only be- 
tween the user and the mating party but also among the 
user, the mating party and a manager. The manager 
plays the role of managing communication between the 
user and the mating party. 

[0086] The processing flow till completion of authen- 
tication is the same as that of the case where it is made 
between the two parties, i.e., the user and the mating 
party. After authentication of the user as the authentic 
person, the user (more concretely, the authentication 
apparatus used by the user) transmits the authentica- 
tion end signal to the manager. The user and the mating 
party then start the intended communication through the 
manager. 

[0087] Fig. 5C is a relational diagram when authenti- 
cation and communication are executed among the 
three parties, that is, the user, the mating party and the 
manager. 

[0088] The processing flow till completion of authen- 
tication is the same as the flow when it is executed be- 
tween the user and the mating party, and its explanation 
will be omitted. After authentication of the user as the 
authentic person is completed, the user side (more con- 
cretely, the authentication apparatus used by the user) 
transmits the authentication end signal to the manager. 
Receiving the authentication end signal from the user 



side, the manager transmits the authentication end sig- 
nal to the mating party, too. In this way. the intended 
communication is started between the user and the mat- 
ing party through the manager. 
5 [0089] Fig. 5D is a relational diagram when authenti- 
cation and communication are executed among the 
three parties, i.e., the user, the mating party and the 
manager, in the same way as in Figs. 5B and 5C. 
[0090] The processing flow till completion of authen- 
10 tication is the same as the flow when it is executed be- 
tween the user and the mating party, and its explanation 
will be omitted. After authentication of the user as the 
authentic person is completed, the user side (more con- 
cretely, the authentication apparatus used by the user) 
15 transmits the authentication end signal to the manager. 
Receiving the authentication end signal from the user 
side, the manager transmits the authentication end sig- 
nal to the mating party. The user and the mating party 
thus execute directly the intended communication with- 
20 out passing through the manager. 

[0091 ] Incidentally, when any party (such as the man- 
ager) that is involved in authentication and communica- 
tion other than the user and the mating party exists in 
the communication system according to the present in- 
25 vention, various combinations of the processing flows 
may be possible after authentication is completed. The 
present invention is not limited to the relational diagrams 
shown in Figs. 5A to 5D. Any combination may be used 
so long as the user and the mating party can start com- 
30 munication when the user transmits the authentication 
end signal to the other party. 

[0092] In the communication system according to the 
present invention, the number of each of the mating par- 
ty and the manager is not limited to one. In other words, 
35 a plurality of mating parties or a plurality of managers 
may exist. 

[0093] Since the present invention executes authen- 
tication by using the living body information as described 
above, the present invention can eliminate the possibii- 
40 ity that authentication of the user as the authentic person 
cannot be made as the password leaks to the third party 
other than the user. 

[0094] Since the number of times of the data ex- 
change operations can be reduced during authentica- 

45 tion between the user and the mating party (or the man- 
ager), the cost necessary for transmitting and receiving 
the data can be decreased, and the trouble that authen- 
tication must be again conducted from the beginning 
when communication is cut off for some reason or other. 

50 [0095] Because authentication is executed by using 
the living body information of the user the user need not 
inquire of the mating party the password when he for- 
gets the password, or need not frequently re-write the 
password. 

55 [0096] The living body information generally has a 
greater information quantity than the password. Howev- 
er, it is not necessary in the present invention to directly 
transmit the living body information of the person or the 
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user as the data to the mating party (or the manager). 
Therefore, the time necessary for transmitting and re- 
ceiving the data to and from the mating party (or the 
manager) can be shortened, and the cost can be re- 
duced. 

[0097] In the present invention, it is not necessary to 
store the reference living body information of all persons 
who conduct authentication in the mating party (or the 
manager). Therefore, even though the information 
quantity of the living body information is greater than that 
of the password, the load to the mating party (or the 
manager) does not increase. Since the individual stores 
the reference living body information, the number of the 
reference living body information leaking outside when 
security is broken (in this case, all the living body infor- 
mation secured by the same person is counted as 1) 
can be kept smaller than when the reference living body 
information of ail persons involved In authentication is 
stored in the mating party (or the manager). 
[0098] Hereinafter, examples of the present invention 
wilt be explained. 

[Embodiment 1] 



[0104] Re-write of the reference living body informa- 
tion is approved when collation of the passwords in the 
mating party proves coincident. The mating party (or the 
manager) transmits a re-write approval signal having in- 

5 formation representing approval of re-write of the refer- 
ence living body information to the user. 
[0105] Receiving the re-write approval signal, the us- 
er reads afresh the living body information into the au- 
thentication apparatus. The authentication apparatus 

10 stores the new reference living body Information, and 
the re-write operation of the reference living body infor- 
mation is completed. 

[01 06] When the reference living body information is 
re-written in accordance with the flow described above, 
15 the possibility that the third party other than the authen- 
tic person freely re-writes the reference living body in- 
formation can be lowered. 

[01 07] Because all th e re-write operations can be con- 
ducted by using the authentication apparatus, the trou- 
20 bles of the re-write operation of the reference living body 
information can be suppressed. 



[0099] This embodiment explains in detail the re-write 
operation of the reference living body information stored 
In the authentication apparatus by using the authentica- 
tion apparatus. 

[0100] Fig. 6 shows a flow of the re-write operation of 
the reference living body information in this example. 
First, authentication is conducted to authenticate the us- 
er as an authentic person. Incidentally, the detailed ex- 
planation of authentication has already been given and 
is hereby omitted. 

[0101] As authentication is completed and the user 
and the mating party (or the manager) start communi- 
cation, the re-write operation is started. The user trans- 
mits the password necessary for re-writing the living 
body information as the data to the mating party. 
[0102] The re-write operation of the reference living 
body Information cannot be conducted when collation of 
the password does not prove coincident. In this case., 
the mating party (or the manager) notifies the user that 
the password is not coincident. The user can again 
transmit the password as the data. 
[0103] In this case, the user can arbitrarily set the 
number of times of re-transmission of the password in 
the same way as in the case of collation in authentica- 
tion. For example, it is possible to prevent repetition of 
collation in one re-write operation beyond n times (n: 
arbitrary natural number). The authentication apparatus 
may be so constituted as to raise an alarm when colla- 
tion does not continuously prove coincident n times. Fur- 
thermore, an arrangement may be employed that auto- 
matically notifies persons other than the user or appa- 
ratuses other than the authentication apparatus of the 
failure of collation when collation does not continuously 
prove coincident n times. 



[Embodiment 2] 

25 [01 08] The construction of the authentication appara- 
tus used in the present invention and its operation will 
be explained next. 

[01 09] Fig. 7 is a block diagram of the authentication 
apparatus according to this embodiment. The authenti- 
30 cation apparatus of this embodiment includes an anten- 
na 601, a transmission/reception circuit 602, a signal 
processing circuit 603 for compressing/expanding sig- 
nals and encoding them, a microcomputer 604 for con- 
trol, a flash memory 605, operation keys 606, and so 
35 forth. The authentication apparatus further includes a 
sensor 611 and a collation circuit part 61 2. 
[01 1 0] When the operation key 606 is operated, the 
microcomputer 604 for control controls the sensor 611 
and lets it read the living body information of the user. 
40 Incidentally, this embodiment uses palm prints or finger- 
prints as the living body Information. The living body in- 
formation of the user read by the sensor 61 1 is inputted 
to the collation circuit part 612. 
[0111] An A/D converter 613 converts the living body 
45 information (collation living body information) of the user 
inputted to the collation circuit part 61 2 to digital signals. 
The living body information of the user thus converted 
to the digital signals is inputted to a DSP (Digital Signal 
Processor) 614 and is subjected to signal processing. 
so The term signal processing means more concretely an 
emphasis processing to stress a changing portion of a 
density of the image by using a differential filter in order 
to have the living body information more easily distin- 
guished. The resulting collation living body information 
55 is converted to numerical values inside the DSP 61 4 and 
is inputted to a comparison circuit 615. 
[01 1 2] The comparison circuit 615 compares and col- 
lates the reference living body information stored in the 
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fiash memory 605 with the collation living body informa- 
tion converted to the numerical values inside th DSP 
614 and inputted to the comparison circuit 615. 
[0113] A method of collating the living body informa- 
tion includes a feature collation system that compar s 
and collates the feature of the reference living body in- 
formation with the feature of the collation living body in- 
formation, and an image matching system that directly 
compares the two living body information. The present 
invention may use either of these systems. Authentica- 
tion can be conducted more reliably when a plurality of 
reference living body information is prepared by chang- 
ing somewhat the posture of a hand, for example. 
[0114] When coincidence can be observed, the mi- 
crocomputer 604 for control outputs the authentication 
end signal, and this signal is outputted from the authen- 
tication apparatus through the signal processing circuit 
603, the transmission/reception circuit 602 and the an- 
tenna 601 . The authentication end signal outputted from 
the authentication apparatus is transmitted to the mating 
party (or the manager) through the Internet, for example. 
Incidentally, the authentication end signal outputted 
from the authentication apparatus may be directly trans- 
mitted to the mating party without passing through the 
Internet. 

[Embodiment 3] 

[0115] Differences of the construction of the authen- 
tication apparatus used in this embodiment and its op- 
eration from Embodiment 1 will be explained. 
[01 16] Fig. 8 is a block diagram of the authentication 
apparatus of this embodiment. The authentication ap- 
paratus includes an antenna 501 , a transmission/recep- 
tion circuit 502, a signal processing circuit 503 for com- 
pressing/expanding and encoding signals, a microcom- 
puter 504 for controL a flash memory 505 and operation 
keys 506. The authentication apparatus further includes 
a microphone 511 , an amplifier 51 6 and a collation cir- 
cuit part 512. 

[0117] When the operation key 506 is operated, the 
microcomputer 504 for control controls the microphone 
511 and lets it read the living body information of the 
user. Incidentally, this embodiment uses a voiceprint as 
the living body information. The living body information 
read by the microphone 51 1 is amplified by the amplifier 
516 and is inputted to the collation circuit part 512. 
[0118] An A/D converter 51 3 converts the living body 
information of the user (collation living body information) 
inputted to the collation circuit part 512 to digital signals. 
The collation living body information converted to the 
digital signals is inputted to a DSP (Digital Signal Proc- 
essor) 514 and is subjected to signal processing. The 
term signal processing hereby means more concretely 
a processing for converting the intensity of sound for 
each frequency to numerical values by using a band- 
pass filter, or the like, so that the living body information 
can be more clearly distinguished. The reference living 



body information thus converted to the numerical values 
by the DSP 51 4 is inputted to the comparison circuit 51 5. 
[01 1 9] The comparison circuit 515 compares and col- 
lates the reference living body Information stored in the 
5 flash memory 505 with the collation Irving body informa- 
tion converted to the numerical values inside the DSP 
514 and inputted to the comparison circuit 515. 
[01 20] A method of collating the living body informa- 
tion includes a feature collation system that compares 
10 and collates the feature of the reference living body in- 
formation with the feature of the collation living body in- 
formation, and an image matching system that directly 
compares the spectra of these two living body informa- 
tion. The present invention may use either of them. Au- 
15 thentication can be conducted more reliably when a plu- 
. rality of reference living body information is used instead 
of only one living body information by somewhat chang- 
ing pronunciation, for example. 
[01 21 ] When coincidence is observed, the microcom- 
20 puter 504 for control outputs the authentication end sig- 
nal and this signal is outputted from the authentication 
apparatus through the signal processing circuit 503, the 
transmission/reception circuit 502 and the antenna 501 . 
The authentication end signal outputted from the au- 
25 thentication apparatus is transmitted through the Inter- 
net, or the like. Incidentally, the authentication end sig- 
nal may be directly transmitted to the mating party with- 
out passing through the Internet. 
[0122] The construction of this example can be 
so worked in combination with Embodiment 1 or 2. 

[Embodiment 4] 

[01 23] Next, a portable information terminal as one of 

35 the authentication apparatuses used in the present in- 
vention will be described. Fig. 9 depicts the portable in- 
formation terminal used in this embodiment. Reference 
numeral 2701 denotes a display panel and reference 
numeral 2702 denotes an operation panel. The display 

40 panel 2701 and the operation panel 2702 are connected 
to each other at a connection part 2703. An angle 6 be- 
tween the surface of the display panel 2701 , in which a 
display 2704 with a built-in sensor is disposed, and the 
surface of the operation panel 2702, in which a speech 

45 input part 2708 is disposed, can be changed arbitrarily. 
[0124] The display panel 2701 includes a display 
2704 having a built-in sensor. The display 2704 having 
a built-in sensor has the two functions of reading an im- 
age and displaying the image. This embodiment uses 

50 an EL display for the display 2704 having a built-in sen- 
sor. 

[0125] The portable information terminal shown in 
Fig. 9 has the function of a telephone unit. The display 
panel 2701 has a speech output part 2705, and the 
55 speech output part 2705 outputs speech. 

[0126] The operation panel 2702 includes operation 
keys 2706, a power switch 2707 and a speech input part 
2708. Incidentally, the operation keys 2706 and the pow- 
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r switch 2707 are shown disposed separately, but the 
operation key 2706 may include the power switch 2707. 
The speech input part 2708 inputs speech. 
[01 27] In Fig. 9, the display panel 2701 is shown hav- 
ing the speech output part 2705 and the operation panel 
2702, having the speech input part 2708. However, this 
embodiment is not particularly limited to this construc- 
tion. For example, the display panel 2701 may have the 
speech input part 2708 and the operation pane!, the 
speech output part 2705. Furthermore, both speech out- 
put part 2705 and speech input part 2708 can be pro- 
vided to the display panel 2701 or to the operation panel 
2702. 

[0128] Incidentally, the display 2704 having the built- 
in sensor may have the function of measuring bright- 
ness (luminance) around the portable information termi- 
nal and automatically adjusting luminance. The portable 
information terminal of this embodiment shown in Fig. 9 
can measure brightness (luminance) by means of the 
display 2704 having the built-in sensor. However, it is 
also possible to dispose a sensor part such as a CCD 
separately from the display 2704 having the built-in sen- 
sor so that the sensor part can measure surrounding lu- 
minance and can adjust luminance of the display 2704 
having the built-in sensor. 

[0129] The display 2704 with the built-in sensor in the 
portable information terminal may be constituted in such 
a fashion that its brightness becomes automatically high 
when the power switch is turned on, when the operation 
key 2706 is operated or when call exists, and becomes 
automatically low during the speech or after the passage 
of a predetermined time from the end of the operation 
of the operation key 2706. In consequence, power con- 
sumption of the portable terminal itself can be restricted. 
[0130] It is also possible to automatically turn off only 
the display 2704 with the built-in sensor and to prevent 
display of the image when the operation key 2706 is not 
operated or when call does not exist for a time longer 
than a predetermined time. In this way, power consump- 
tion of the portable information terminal itself can be re- 
stricted. 

[0131] The method of using the portable information 
terminal shown in Fig. 9 will be explained with reference 
to Figs. 10 and 11 . When authentication is executed by 
using the portable information terminal shown in Fig. 9, 
the palm of a hand 271 0 is so put as to cover the display 
2704 with the built-in sensor. The operation key 2706 is 
operated to execute authentication. The display 2704 
with the built-in sensor reads the lines of the palm of the 
user and executes authentication. 
[0132] Fig. 10 shows the example where the forefin- 
ger operates the operation key 2706, but the thumb, too, 
can operate the operation key 2706 as shown in Fig. 1 1 . 
Incidentally, the operation key 2706 may be provided to 
the side surface of the operation panel 2702. Only the 
forefinger or thumb of one hand (right- or left- handed- 
ness) may be used to operate the operation key 2706. 
[0133] The construction of the portable information 



terminal shown in Fig. 9 and its operation will be ex- 
plained. 

[01 34] Fig. 1 2 is a block diagram of the portable infor- 
mation terminal of this embodiment. The portable Infor- 

5 mation terminal includes an antenna 901, a transmis- 
sion/reception circuit 902, a signal processing circuit 
903 for compressing and expanding signals and encod- 
ing them, a microcomputer 904 for control, a flash mem- 
ory 905, operation keys 906, a speech input circuit 907, 

10 a speech output circuit 908, a microphone 909 and a 
speaker 910. The portable information terminal further 
includes a sensor 911 and a collation circuit part 912. 
[0135] The speech inputted from the speech input 
part 2708 is inputted to the microphone 909 and is then 

15 inputted as an analog signal to the speech input circuit 
907. The analog signal inputted to the speech input cir- 
cuit 907 is amplified and is then converted to a digital 
signal. The digital signal is inputted to the signal 
processing part 903. The digital signal is subjected to 

20 compression/expansion and encoding in the signal 
processing part 903. The transmission/reception circuit 
902 changes the frequency of the digital signal. The dig- 
ital signal is amplified in some cases, and is then trans- 
mitted from the antenna 901 . 

25 [01 36] The transmission/reception circuit 902 chang- 
es the frequency of the digital signal having the speech 
information and received by the antenna 901 . The digital 
signal is amplified in some cases, and is inputted to the 
signal processing part 903. The digital signal inputted to 

30 the signal processing part 903 is subjected to compres- 
sion/expansion and encoding, and is then inputted to the 
speech output circuit 908. The digital signal inputted to 
the speech output circuit 908 is converted to the analog 
signal, is amplified and is outputted from the speaker 

35 910, so that the user can listen to the speech from the 
speech output part 2708. 

[0137] When the operation key 906 is operated, the 
microcomputer 904 for control controls the sensor 911 
and lets it read the living body information of the user. 

40 Incidentally, this embodiment uses the palm print or the 
fingerprint as the living body information. The living body 
information (collation living body information) of the user 
read by the sensor 91 1 (concretely, a display with the 
built-in sensor 91 1 ) Is inputted to the collation circuit part 

45 912. 

[0138] An A/D converter 91 3 converts the collation liv- 
ing body Information inputted to the collation circuit part 
912 to a digital signal. The collation living body informa- 
tion so converted to the digital signal is inputted to a DSP 

so (Digital Signal Processor) 914 and is subjected to signal 
processing. The term signal processing means more 
concretely an emphasis processing to stress a changing 
portion of a density of the image by using a differential 
filter in order to have the living body information more 

55 easily distinguished. The resulting collation living body 
information is converted to numerical values inside the 
DSP 914 and is inputted to a comparison circuit 915. 
[0139] The comparison circuit 915 compares and col- 
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lates the reference living body information stored In the 
flash memory 905 with the collation living body informa- 
tion converted to the numerical values inside th DSP 
914 and inputted to the comparison circuit 915. 
[0140] A method of collating the living body informa- 
tion includes a feature collation system that compares 
and collates the feature of the reference Irving body in- 
formation with the feature of the collation living body in- 
formation, and an image matching system that directly 
compares the two living body information. The present 
invention may use either of these systems. Authentica- 
tion can be conducted more reliably when a plurality of 
reference living body information is prepared by chang- 
ing somewhat the posture of a hand, for example. 
[0141] When coincidence can be observed, the mi- 
crocomputer 904 for control outputs the authentication 
end signal, and this signal is transmitted from the port- 
able information terminal through the signal processing 
circuit 903, the transmission/reception circuit 902 and 
the antenna 901 . The authentication end signal output- 
ted from the portable information terminal is transmitted 
through the Internet, for example. Incidentally, the au- 
thentication end signal outputted from the portable in- 
formation terminal may be directly transmitted to the 
mating party without passing through the Internet. 
[0142] The authentication apparatus used in the 
present invention is not particularly limited to the porta- 
ble information terminal having the construction de- 
scribed in this embodiment. The portable information 
terminal represented in this embodiment uses the fin- 
gerprint or the palm print as the living body information, 
but may have the construction that uses the voiceprint 
as the living body information. 

[0143] Incidentally, this embodiment can be worked in 
combination with Embodiments 1 to 3. 

[Embodiment 5] 

[0144] This embodiment represents the situation 
where the present invention is employed. When the in- 
tended communication is used for business transac- 
tions for profit making such as a deal, the present inven- 
tion need not be used in some cases where authentica- 
tion to a high level such as the living body Information 
is not necessary. The present invention is not always 
necessary in the case where limited amounts of money 
are transferred. 

[0145] It is therefore possible to select the necessity 
of authentication and to selectively conduct authentica- 
tion only when large amounts of money are transferred. 
Authentication can thus be made in accordance with the 
condition of the mating party, or the Judgment standard 
may be set in advance to the control microcomputer of 
the authentication apparatus so that authentication can 
be made only when the numerical value exceeds a pre- 
determined value. The authentication end signal may be 
transmitted to the mating party (or the manager) only 
when the authentication result is necessary. 



[01 46] Incidentally, this embodiment can be worked in 
combination with Embodiments 1 to 4. 

[Embodiment 6] 

5 

[0147] Various electronic appliances can be used as 
the authentication apparatus to be used in the present 
invention. 

[0148] Fig. 13A depicts a personal computer. The per- 

io sonal computer includes a main body 2501, a casing 
2502, a display part 2503, a keyboard 2504, a sensor 
2505, and so forth. The present invention can acquire 
the living body information into the personal computer 
by using the sensor 2505. 

15 [0149] Though this embodiment uses the fingerprint 
orthe palm print as the living body information, a speech 
input part can be provided to the personal computer so 
as to utilize the voiceprint as the living body information. 
Both sensor 2505 and speech input part can be provided 

20 to utilize both palm print and voiceprint. 

[0150] Fig. 13B depicts a cellular telephone. It In- 
cludes a main body 2601 , a speech output part 2602, a 
speech input part 2603. a display part 2604, operation 
keys 2605, an antenna 2606, and so forth. When an or- 

25 dinary call is made, the telephone number of the mating 
party and the reception condition of the radio wave are 
displayed on the display part 2604. When the Internet 
is used, the necessary information of the mating party 
is displayed. The display part 2604 serves also as the 

30 sensor and can acquire the living body information. 
[01 51 ] The display part 2604 of the cellular telephone 
shown in Fig. 13B has the function as the sensor and 
the function as the display. However, the sensor may be 
separately provided while the display part 2604 is uti- 

35 Hzed only as the display. 

[0152] The authentication apparatus used in the 
present invention is not limited to the electronic appara- 
tuses represented in the embodiments! Any device may 
be used so long as it can collate the living body infor- 

40 mation with the living body information stored in ad- 
vance, and can notify the mating party of the end of au- 
thentication when collation proves coincident. 
[0153] Since the present invention executes authen- 
tication by using the living body information, the present 

45 invention can eliminate the possibility that the password 
leaks to the third party other than the authentic person 
and authentication as the authentic person cannot be 
made. Therefore, the present invention can improve re- 
liability of authentication of the user as being the authen- 
50 tic person. 

[0154] Because the number of times of the data ex- 
change operations for authentication can be restricted 
between the user and the mating party (orthe manager), 
the present invention can restrict the cost necessary for 
55 transmitting and receiving the data, and can avoid the 
trouble of repeating once again from the beginning the 
authentication operation even when the communication 
is cut off for some reason or other. 
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[0155] Because the present invention executes au- 
thentication by using the living body information of the 
user, it is not necessary for the user to inquire of the 
mating party the password or to frequently re-write the 
password when the user forgets the password. 
[0156] The information quantity of the living body in- 
formation is generally greater than that of the password. 
However, because the present invention need not di- 
rectly transmit the living body information of the authen- 
tic person or the user as the data to the mating party (or 
the manager), the present invention can limit the length 
of the time necessary for transmitting and receiving the 
data with the mating party (or the manager), and can 
also limit the cost. 

[0157] In the present invention, it is not necessary to 
store the reference living body information of all the per- 
sons who execute authentication in the mating party (or 
the manager). Therefore, even when the information 
quantity of the living body information is greater than that 
of the password, the load to the mating party (or the 
manager) does not become great. Since the reference 
living body information is stored for each person, the 
number of reference living body information (in this 
case, all living body information of one person is counted 
as 1) when security is broken can be kept at a smaller 
value than when the reference living body information 
of all the persons who execute authentication Is stored 
in the mating party (or the manager). 

Claims 

1 . A communication system for distinguishing a user, 
said system comprising: 

a storing means for storing reference living 
body information; 

a reading means for reading collation living 
body information of the user; 
a collating means for collating the collation liv- 
ing body information with the reference living 
body information; 

a sending means for sending a notice of coin- 
cidence as data to a mating party when a col- 
lation result proves coincident. 

2. A communication system for distinguishing a user, 
said system comprising: 

a storing means for storing n reference living 
body information; 

a reading means for reading n collation living 
body information of the user; 
a collating means for collating the n collation 
living body information with the n reference liv- 
ing body information; 

a sending means for sending a notice of coin- 
cidence as data to a mating party when all of 



collation results prove coincident 

3. A communication system for distinguishing a user, 
said system comprising: 

5 

a storing means for storing n reference living 
body Information; 

a reading means for reading m collation living 
body information of the user; 
io a collating means for collating the m collation 

living body information with the n reference liv- 
ing body information; 

a sending means for sending a notice of coin- 
cidence as data to a mating party when at least 
15 one of the n reference living body information 

coincides with at least one of the m collation 
living body information. 

4. A communication system for distinguishing a user, 
20 said system comprising: 

a storing means for storing a plurality of kinds 

of reference living body information; 

a reading means for reading a plurality of kinds 

25 of collation living body information of the user; 

a collating means for collating the plurality of 
collation living body information with the plural- 
ity of reference living body information; 
a sending means for sending a notice of coin- 

30 cidence as data to a mating party when the plu- 

rality of kinds of collation living body information 
wholly coincide with the plurality of kinds of ref- 
erence living body information. 

35 5. A communication system for distinguishing a user, 
said system comprising: 

a storing means for storing n reference living 
body information of a plurality of kinds; 

40 a reading means for reading m collation living 

body information of a plurality of kinds of a user; 
a collating means for collating the m collation 
living body information with the n reference liv- 
ing body information; 

45 a sending means for sending a notice of coin- 

cidence as data to a mating party when at least 
one of each kind of collation living body infor- 
mation among the plurality of kinds of collation 
living body information coincides with at least 

so one of each kind of reference living body infor- 

mation among the n reference living body infor- 
mation. 

6. A communication system for distinguishing a user, 
55 said system comprising: 

a storing means for storing n reference living 
body information of a plurality of kinds; 
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a reading means for reading m collation living 
body information of a plurality of kinds of a user; 
a collating means for collating the m collation 
living body information with the n reference liv- 
ing body information; 5 
a sending means for sending a notice of coin- 
cidence as data to a mating party when all of 
the plurality of kinds of collation living body in- 
formation coincide with all of the n reference liv- 
ing body information. 10 

A communication system for distinguishing a user, 
said system comprising: 

a storing means for storing reference living 
body information; 

a reading means for reading collation living 
body information of the user; 
a collating means for collating the collation liv- 
ing body information with the reference living 20 
body information; 

a sending means for sending a notice of coin- 
cidence as data to a manager when a collation 
result proves coincident, 

wherein a communication between the user 25 
and a mating party is started through the man- 
ager after the mating party receives the notice 
of coincidence as data. 

A communication system for distinguishing a user, 30 
said system comprising: 

a storing means for storing reference living 
body information; 

a reading means for reading collation living 35 
body information of the user; 
a collating means for collating the collation liv- 
ing body information with the reference living 
body information; 

a sending means for sending a notice of coin- 40 
cidence as data to a manager when a collation 
result proves coincident; 
a causing means for causing the manager to 
send the notice of coincidence as data to a mat- 
ing party, 45 
wherein a communication between the user 
and the mating party is started through the 
manager after the mating party receives the no- 
tice of coincidence as data. 

50 

A communication system for distinguishing a user, 
said system comprising: 

a storing means for storing reference living 
body information; 55 
a reading means for reading collation living 
body information of the user; 
a collating means for collating the collation liv- 



ing body information with the reference living 
body information; 

a sending means for sending a notice of coin- 
cidence as data to a manager when a collation 
result proves coincident; 
a causing means for causing the manager to 
send the notice of coincidence as data to a mat- 
ing party, 

wherein a communication between the user 
and the mating party is directly started after the 
mating party receives the notice of coincidence 
as data. 

10. A system according to any one of claims 1 to 9, 

wherein a transaction is conducted between 
the user and the mating party, 
wherein an identification of the user is request- 
ed only when the condition set to the mating 
party is satisfied. 

11. A communication system for distinguishing a user, 
said system comprising: 

a storing means for storing reference living 
body information; * 

a reading means for reading collation living 
body information of the user; 
a collating means for collating the collation liv- 
ing body information with the reference living 
body information; 

a sending means for sending a notice of coin- 
cidence as data to a mating party when a col- 
lation result proves coincident, 
wherein a password is sent as data to the mat- 
ing party after the notice of collation is sent to 
the mating party, and the reference living body 
information is re- written when the password is 
authenticated as correct on the mating party. 

12. A communication system for distinguishing a user, 
said system comprising: 

a storing means for storing n reference living 
body information; 

a reading means for reading n collation living 
body information of the user; 
a collating means for collating the n collation 
living body information with the n reference liv- 
ing body Information; 

a sending means for sending a notice of coin- 
cidence as data to a mating party when colla- 
tion results wholly prove coincident, 
wherein a password is sent as data to the mat- 
ing party after the notice of collation is sent to 
the mating party, and the n reference living 
body information is re-written when the pass- 
word is authenticated as correct on the mating 
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party. 

13. A communication system for distinguishing a user, 
said system comprising: 

a storing means for storing n reference living 
body information; 

a reading means for reading m collation living 
body information of the user, 
a collating means for collating the m collation 
living body information with the n reference liv- 
ing body information; 

amending means for sending a notice of coin- 
cidence as data to a mating party when at least 
one of the n reference living body information 
coincides with at least one of the m collation 
living body information, 

wherein a password is sent as data to the mat- 
ing party after the notice of collation is sent to 
the mating party, and the n reference living 
body Information is re-written when the pass- 
word is authenticated as correct on the mating 
party. 

14. A communication system for distinguishing a user, 
said system comprising: 

a storing means for storing a plurality of kinds 
of reference Irving body information; 
a reading means for reading a plurality of kinds 
of collation living body information of the user; 
a collating means for collating the plurality of 
kinds of collation living body information with a 
plurality of kinds of the reference living body in- 
formation; 

a sending means for sending a notice of coin- 
cidence as data to a mating party when the plu- 
rality of kinds of the collation living body infor- 
mation wholly coincide with the plurality of 
kinds of reference living body information, 
wherein a password is sent as data to the mat- 
ing party after the notice of collation is sent to 
the mating party, and the a plurality of kinds of 
reference living body information is re-written 
when the password is authenticated as correct 
on the mating party. 

15. A communication system for distinguishing a user, 
said system comprising: 

a storing means for storing n reference living 
body information of a plurality of kinds; 
a reading means for reading m collation living 
body information of a plurality of kinds of the 
user; 

a collating means for collating the m collation 
living body information with the n reference liv- 
ing body information; 



a sending means for sending a notice of coin- 
cidence as data to a mating party when at least 
one of the collation living body information of 
each kind among the plurality of kinds coincides 
s with at least one of n reference living body in- 

formation of each kind, 

wherein a password is sent as data to the mat- 
ing party after the notice of collation is sent to 
the mating party, and the plurality of kinds of the 
10 reference living body information is re-written 

when the password is authenticated as correct 
on the mating party. 

16. A communication system for distinguishing a user, 
15 said system comprising: 



a storing means for storing n reference living 
body information of a plurality of kinds; 
a reading means for reading m collation living 
body information of a plurality of kinds of the 
user; 

a collating means for collating the m collation 
living body information with the n reference liv- 
ing body information; 

a sending means for sending a notice of coin- 
cidence as data to a mating party when all of 
the plurality of kinds of collation living body in- 
formation coincide with all of the n collation liv- 
ing body information, 

wherein a password is sent as data to the mat- 
ing party after the notice of collation is sent to 
the mating party, and the plurality of kinds of 
reference living body information is re-written 
when the password is authenticated as correct 
on the mating party. 
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17. A communication system for distinguishing a user, 
said system comprising: 

a storing means for storing reference living 
body information; 

a reading means for reading collation living 
body information of the user; 
a collating means for collating the collation liv- 
ing body information with the reference living 
body information; 

a sending means for sending a notice of coin- 
cidence as data to a manager when a collation 
result proves coincident, 
wherein a password is sent as data to the man- 
ager after the notice of collation is sent to the 
manager, and the reference living body infor- 
mation is re-written when the password is au- 
thenticated as correct on the manager. 

18. A system according to any one of claims 1-17, 

wherein the reference living body information 
comprises at least one selected from the group con- 
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sisting of a fingerprint, a palm print and a voiceprint. 

1 9. A system according to any on of claims 1 -1 7, 

wherein the collation living body information 
comprises at least one selected from the group con- s 
sisting of a fingerprint, a palm print and a voiceprint. 

20. A system according to claim 1 8, 

. wherein the palm print is a palm print of the 
whole palm or a palm print of a part of. the palm. 10 

21. A system according to any one of claims 1-17, 
wherein the storing means is a flash memory. 

22. A system according to any one of claims 1-17, 15 
wherein the reading means is a photodiode or a 
charge coupled device. 

23. A system according to any one of claims 1-17, 
wherein a portable information terminal is used. 20 

24. A system according to any one of claims 1-17, 
wherein a cellular telephone is used. 

25. A system according to any one of claims 1-17, 25 
wherein a personal computer is used. 

26. A system according to claim 19, 

wherein the palm print is a palm print of the 
whole palm or a palm print of a part of the palm. so 
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[0001] Die Erfindung betriffi ein Speichermedium, das 
insbesondere zum mobilen Einsatz geeignet ist 
[0002] Mobile Speichermedien sind in einer groBen Viel- 
zahl bekannL FUr kleine Datenmengen sind beispielsweise 
Disketten UbUch. Bei grbBeren Datenmengen werden oft- 
mals die sogenannten ZIP-Datentrager der Firma Iomega 
Oder Wechselplatten verwendet AuBerdem sind Flash-Spei- 
cher im Einsatz. Neben Problemen wie kleiner Speicherka- 
pazitat (Disketten) oder der Erfordemis eines spezieUen 
Laufwerks (ZIP-Datentrager) ist oftmals der Schutz vor ei- 
nem unberechtigten Zugriff unbefriedigend. Zwar besteht 
die Moglichkeit, die Inhalte der oben genannten Speicher- 
medien durch ein Pafiwort zu schUtzen, aJlerdings ist dieser 
Schutz in der Regel mit verhaltnismaBig kleinem Aufwand 
iiberwindbar. 

[0003] Aufgabe der Erfindung ist es daher, ein Speicher- 
medium anzugeben, das einen verbesserten Schutz vor un- 
berechtigtem Zugriff bieteL 

[0004] Diese Aufgabe wird durch ein Speichennedium 
mit einer Speichereinheit, einer USB-Schnittsteile zum Zu- 
griff auf den Inhalt der Speichereinheit und einer Authentifi- 
zierungseinheit mit einem Fuigerprintsensor zur Authentifi- 
zierung eines Benutzers gelost, wobei der Lese- und/oder 
Schreibzugriff auf den Speicherinhalt gesperrt ist und die 
Sperre durch die Authentifizierung eines Benutzers Uber den 
Fingerprintsensor aufhebbar ist. 

[0005] Die Aufgabe wird auBerdem durch ein Speicher- 
medium gelost mit einer Speichereinheit, einer USB- 
Schnutstelle zum Zugriff auf den Inhalt der Speichereinheit 
und einer Authentifizierungseinheit mit einem Fingerprint- 
sensor zur Authentifizierung eines Benutzers, wobei Daten 
in der Speichereinheit verschlusselt ablegbar sind und zur 
Entschlusselung die Authentifizierung des Benutzers uber 
den Fingerprintsensor erforderlich isL 
[0006] In dem erfindungsgemaBen Speichennedium abge- 
legte Daten konnen also auf zweierlei Weise geschutzt wer- 
den. Zum einen ist es mbglich, einfach den Lese- und/oder 
Schreibzugriff so lange zu verhindem, bis ein berechtigter 
Benutzer authentifiziert isL Andererseits ist es auch mog- 
uch, die Daten zu verschlusseln und eine Entschlusselung 
nur nach Authentifizierung eines berechtigten Benutzers zu- 
zulassen. Zur Erzielung eines besonders guten Schutzes 
kQnnen beide Schutzkonzepte kombiniert werden. 
[0007] Im erstgenannten Fall wind also nur der gesperrte 
Zugnff freigegeben. Auf regularem Weg ist es daher nicht 
mehr moglich, an die gespeicherten Daten zu gelangen. 
Durch Eingriff in das Speichennedium selber bleibt aber die 
Mdglichkeit, unberechtigterweise Kenntnis von den gespei- 
cherten Daten zu erhalten. In der zweitgenannten Moglich- 
keit ist dies auch verhindert, da die Daten selber verschliis- 
selt abgelegt werden. Allerdings ist sowohl beim Schreiben 
als auch beim Lesen eine VerschlUsselung der Daten not- 
wendig, was die Zugriffsgeschwindigkeit verlangsamt 
[0008] Besonders vorteilhaft ist die Ausgestaltung der 
SchnittsteUe nach dem USB-Standard. Dadurch ist es mdg- 
Hch, das Speichennedium bei laufendem Betrieb eines 
Computersystems an dieses anzuschlieBen beziehungsweise 
yon diesem zu trennen. Das Speichennedium wird dann bei 
Verwendung eines geeigneten Betriebssystems automatisch 
erkannt und steht beispielsweise als zusatzliches Laufwerk 
zur Verfugung. 

[0009] Bei der Identifizierung des Speichermediums er- 
folgt dann eine automatische Abfrage der Zugriflfsrechte 
Nach der Authentifizierung des Benutzers durch Auflegen 
des Fingers auf den Fingerprintsensor kann der Zugriff auf 
den Inhalt des Speichermediums erfolgen. 



[0010] Die Erfindung wird nachfolgend anhand eines 
AusfQhmngsbeispieles nSher erlSutert Es zeigt: 
[0011] Fig. 1 den schematischen Aufbau eines erfindungs- 
gemaBen Speichermediums und 
5 [0012] Fig. 2 eine dreidimensionale Darstellung eines er- 
findungsgemaBen Speichermediums. 
[0013] In Fig. 1 ist ein erfindungsgemaBes Speichenne- 
dium 1 als Blockschaltbild dargestellL Ober eine USB- 
SchnittsteUe 2 wird das Speichennedium an ein beliebiges 
to anderes Gerat mit USB-Schnittstelle angeschlossen. \bn 
dort aus erfolgt der Zugriff auf das Speichennedium. Bei- 
spielsweise soUen Daten aus dem Speichennedium ausgeie- 
sen werden. Eine solche Leseanfirage wird zunachst an eine 
Zugriffsaberwachungseinheit 4 geleiteL Falls der Zugriff 
15 auf eine Speichereinheit bereits bei einem frOheren Lese- 
. oder Schreibvorgang freigegeben wurde, kann sofort auf die 
Speichereinheit 7 zugegriffen werden. 
[0014] Falls es sich aber urn den ersten Zugriff handelt, 
wird der Zugriff auf den Speicherinhalt so lange verweigert, 
20 bis uber eine Authentifizierungseinheit 5 mit einem Finger- 
printsensor 6 ermittelt wurde, ob eine Berechtigung vorliegt. 
Dazu ist die Zugriffsaberwachungseinheit 4 mit der Authen- 
tifizierungseinheit 5 verbunden. Der Benutzer legt seinen 
Finger auf den Fingerprintsensor 6 auf, so daB der Fingerab- 
25 druck geiesen werden kann. AnschlieBend ahalysiert die 
Authentifizierungseinheit 5 den Fingerabdruck und identifi- 
ziert charakteristische linien, sogenannte Minutien. In der 
RegeL genUgen zwanzig bis dreiBig Minutien, um eine zu- 
veriassige Erkennung zu gewShrleisten. Die Minutien wer- 
30 den mit in einem Speicher der Authentifizierungseinheit 5 
abgelegten Benutzerdaten verglichen. Wenn die PrUfung er- 
gibt, daB der Benutzer zum Zugriff auf das Speichennedium 
berechtigt ist, wird ein dies anzeigendes Signal an die Zu- 
griffsaberwachungseinheit 4 zuriickgegeben. 
35 [0015] Um eine moglichst kleine Baufonn zu erreichen 
ist, es auch moglich, statt eines Fingerprintsensors 6, der den 
gesamten Fingerabdruck lesen kann, einen Streifensensor zu 
verwenden. In diesem Fall wUrde der Finger nicht aufgelegt 
werden, sondem mUBte Uber den Streifensensor beweet wer- 
40 den. 

[0016] Nach Freigabe des Zugriffs durch die Zugriffs- 
tiberwachungseinheit 4 kann nun beliebig auf den Speicher- 
inhalt uber die USB-Schnittstelle 2 zugegriffen werden. Zu- 
satzlich konnen fur verschiedene Benutzer verschiedene Zu- 
45 gnffsrechte vergeben werden, beispielsweise nur ein Lese- 
zugriff oder nur ein Schreibzugriff oder nur ein Zugriff auf 
bestimmte Speicherbereiche. 

[0017] Wenn das Speichennedium so ausgestaltet ist, daB 
die Daten verschliisselt in der Speichereinheit 7 abgelegt 
50 sind, Oberaimmt die ZugriffsUberwachungseinheit 4 eben- 
falls die Funktion des Ver- und Entschiiisselns. Die Zugriffs- 
aberwachungseinheit 4 ist in Fig. 1 als separater Block dar- 
gesteUt Sie kann naturUch ebenso als TeU der Authentifizie- 
rungseinheit 5 realisiert werden. 
55 [0018] la der Fig. 2 ist das Speichennedium, dessen Funk- 
tion anhand der Fig. 1 beschrieben wurde, als GerSt darge- 
stellL Das Gerat ist im wesentlichen quaderfonnig. An einer 
Stirnflache 12 ist ein Stecker 11 der USB-SchnittsteUe 2 dar- 
gestellL Auf einer Seitenflache 13 ist der Fingerprintsensor 
60 6 angeordneL An dem steckerseitigen Ende der Seitenflache 
13 ist eine Abschragung als Griffflache 14 vorgesehen. Da- " 
durch kann das Speichennedium gut aus einem USB-Ge- 
genstecker wieder herausgezogen werden. 
[0019] Zur Benutzung eines erfindungsgemaBen Spei- 
65 chermediums wird das Speichennedium an die USB- 
SchnittsteUe eines beliebigen Gerates angeschlossen. Wenn 
dies ein Computer ist mit einem den USB-Standard unter- 
statzenden Betriebssystem, so wird das Speichennedium 
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automatisch als zusatzliches Laurwerk erkannL Der Zugriff 
erfolgt dann wie auf ein normales Festplattenlaufwerk oder 
beispielsweise auf cine Diskette. 

Bezugszeichenliste 5 

1 Speichermedium 
2USB-Schnittstelle ' 

4 ZugriffsUberwachungseinheit ^ 

5 Aumentifizierungseinheit 

6 Fingerprintsensor 

7 Speichereinheit 
llUSB-Stecker 

12 Stirnflache ^ 

13 Seitenflache 

14 Grifffiche 

Patentanspriiche 

,. 20 

1. Speichermedium nut 

einer Speichereinheit (7), „ 
einer USB-Schrdttstelle (2) zum Zugnff auf den Inhalt 
der Speichereinheit (7) und 

einer Authentifizierungseinheit (5) mit einem Finger- 
printsensor (€) zur Authentifizierung eines Benutzers, 
wobei der Lese- und/oder Schreibzugriff auf die Spei- 
chereinheit (7) gesperrt ist und die Sperre durch die 
Authentifizierung eines Benutzers iiber den Finger- 
printsensor (6) aufhebbar ist. ^ 

2. Speichermedium mit 
einer Speichereinheit (7), 

einer USB-Schnitrstelle (2) zum Zugriff auf den Inhalt 
der Speichereinheit (7) und 

einer Authentifizierungseinheit (5) mit einem Finger- 
printsensor (6) zur Authentifizierung eines Benutzers 
wobei Daten in der Speichereinheit (7) verschlusselt 
ablegbar sind und zur Entschlusseiung die Authentifi- 
zierung des Benutzers erforderlich ist. 
3 Speichermedium nach Anspruch 2, dadurch ge- 
kennzeichnet, daB der Zugriff auf den Schliissel ge- 
sperrt ist und die Sperre durch die Authentifi^erung ei- 
nes Benutzers fiber den Fingerprintsensor (6) auraeo- 
barisL 
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